August 1, 2022

    java.lang.VerifyError: Bad type on operand stack with Java crypto

    Below is a topic we frequently receive questions about. We hope you find the response useful as well.

    java.lang.VerifyError: Bad type on operand stack with Java crypto

    User 1 - Aug 2022

    I built a library and obfuscated with with ProGuard. Everything is fine but things happen to be bad when I add a util to decrypt text by Java Crypto AES. ProGuard: 7.2.2. Java: 8.

    The error like this:

    java.lang.VerifyError: Bad type on operand stack
    Exception Details:
    Location:
    org/myOrg/DataCheck.decrypt(Ljava/lang/String;)Ljava/lang/String; @197: invokevirtual
    Reason:
    Type ‘java/lang/Object’ (current frame, stack[2]) is not assignable to ‘java/security/GeneralSecurityException’
    Current Frame:
    bci: @197
    flags: { }
    locals: { top, ‘java/lang/Object’ }
    stack: { ‘java/io/PrintStream’, ‘java/lang/StringBuilder’, ‘java/lang/Object’ }
    Bytecode:
    0x0000000: 1010 bc08 5903 0354 5904 0354 5905 0354
    0x0000010: 5906 0354 5907 0354 5908 0354 5910 0603
    0x0000020: 5459 1007 0354 5910 0803 5459 1009 0354
    0x0000030: 5910 0a03 5459 100b 0354 5910 0c03 5459
    0x0000040: 100d 0354 5910 0e03 5459 100f 0354 4cbb
    0x0000050: 001f 592b b700 384d 1208 b800 374e bb00
    0x0000060: 2059 1202 b600 2a12 09b6 0028 1201 1101
    0x0000070: 00b7 0039 3a04 2d19 04b6 0036 3a05 bb00
    0x0000080: 2159 1905 b900 3b01 0012 03b7 003a 3a06
    0x0000090: 1204 b800 343a 0719 0705 1906 2cb6 0035
    0x00000a0: bb00 0d59 1907 b800 2f2a b600 31b6 0033
    0x00000b0: b700 27b0 4cb2 0023 bb00 0e59 b700 2b12
    0x00000c0: 06b6 002c 2bb6 002e b600 2cb6 002d b600
    0x00000d0: 2501 b0
    Exception Handler Table:
    bci [0, 179] => handler: 180
    bci [0, 179] => handler: 180
    bci [0, 179] => handler: 180
    bci [0, 179] => handler: 180
    bci [0, 179] => handler: 180
    bci [0, 179] => handler: 180
    bci [0, 179] => handler: 180
    Stackmap Table:
    full_frame(@180,{},{Object[#12]})

    The decypt function is:

    protected static String decrypt(String strToDecrypt)
    {
        try
        {
            byte[] iv = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
            IvParameterSpec ivspec = new IvParameterSpec(iv);
            SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
            KeySpec spec = new PBEKeySpec(SECRET_KEY.toCharArray(), SALTVALUE.getBytes(), 65536, 256);
            SecretKey tmp = factory.generateSecret(spec);
            SecretKeySpec secretKey = new SecretKeySpec(tmp.getEncoded(), "AES");
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING");
            cipher.init(Cipher.DECRYPT_MODE, secretKey, ivspec);
            
            return new String(cipher.doFinal(Base64.getDecoder().decode(strToDecrypt)));
        }
        catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | InvalidKeySpecException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e)
        {
            System.out.println("Error occurred during decryption: " + e);
        }
        return null;
    }

     

    Solved by User 1 - Aug 2022

    Yes, the warnings are hidden by the -dontwarn option. After enabled warning then I saw lots of unreferenced classes that need to be configured by -libraryjars and issue was solved. Thanks so much @The Guardsquare Team!

    Guardsquare Team - Aug 2022

    Hi @User 1!

    It’s possible that the problem is introduced by the preverification process because some library classes are missing.

    Do you have warnings for missing classes in the log? Especially, if they’re related to this crypto code. You should add any library jars to your configuration using the -libraryjars config option.

    If this doesn’t help, can you share a sample that reproduces the problem?

    Thanks,

    The Guardsquare Team

    User 1 - Aug 2022

    Yes, the warnings are hidden by the -dontwarn option. After enabled warning then I saw lots of unreferenced classes that need to be configured by -libraryjars and issue was solve

    Thanks so much @The Guardsquare Team!

    Tag(s): ProGuard & R8

    Guardsquare

    Discover how Guardsquare provides industry-leading protection for mobile apps.

    Request Pricing